ab99ac108e5f727cff4b8ed5d1a2365e333cb1b06ba77ed42c76b6d255c530f1

Sharing

Copy URL Twitter E-mail

General

Target

ab99ac108e5f727cff4b8ed5d1a2365e333cb1b06ba77ed42c76b6d255c530f1
Size

120KB
MD5

2f3a5e264a2e827c7bdd159527f64a79
SHA1

fb188df3827b35b354f8a9827e8fce16bd8acb8f
SHA256

ab99ac108e5f727cff4b8ed5d1a2365e333cb1b06ba77ed42c76b6d255c530f1
SHA512

54f02b55ec4d1ad9faafef30f9177f9b909bd504c27581b16ff8f63d2e0b268b5fb5a6668b975a76c47134192a5e3e303bdd24acc7752a2e2dcfafa939e53dba
SSDEEP

1536:tJJIhzdfPcGGFTeLHBEP85XT/j+AASioSQx31GjC06cJrfwoit:tJJoz5Pc3xeLHB885pfxlj06Srfwoit

Score

N/A

Malware Config

Signatures

Files

ab99ac108e5f727cff4b8ed5d1a2365e333cb1b06ba77ed42c76b6d255c530f1
.exe windows x86

7579a399ced8dbcb5b59f9b3b9324156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
lstrcpynA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetModuleFileNameA
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetPrivateProfileIntA
WaitForSingleObject
CloseHandle
GetSystemTime
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
InterlockedIncrement
InterlockedDecrement
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetLastError
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
SetFilePointer
InitializeCriticalSection
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WriteFile
ReadFile
FlushFileBuffers
UnhandledExceptionFilter
HeapSize
GetProcAddress
FreeEnvironmentStringsA
RaiseException

user32

DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
RegisterClassExA
LoadCursorA
LoadIconA
UpdateWindow
ShowWindow
CreateWindowExA
wsprintfA
KillTimer
SetTimer
DefWindowProcA
PostQuitMessage

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

wsock32

gethostbyname
send
closesocket
recv
connect
htons
socket
WSAStartup

urlmon

URLDownloadToFileA

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7579a399ced8dbcb5b59f9b3b9324156

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

urlmon

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 2KB